Apr 26, 2024 | Updated: 11:35 AM EDT
Apr 04, 2017 08:29 AM EDT
Word is out now that a single audio file could turn into a full-blown nightmare on an iPhone especially if it's left unchecked or is intentionally malicious. But if you're one of those whose security is of prime importance, consider Apple's iOS 10.3 as your ultimate savior in this ever looming mess.
Fortune reported that Apple has officially resolved two vulnerabilities that allows a song or an audio file to harm or hack an iPhone with the release of the latest upgrade iOS 10.3. Deemed as a memory corruption flaw, the Cupertino-based firm shared that the issue was addressed accordingly through an "improved input validation."
Accordingly, the anonymous hacker utilized MP4s (.M4A audio files) which were able to bypass Apple Security. These vulnerabilities entailed that the company's security was lacking a proper validation of the length of its user-supplied data on the iOS. This loophole would mean that once an intricately-crafted audio file was opened, a malicious code could very well be executed.This is one of the reasons why iOS 10.3 was released.
Apple's announcement on its resolution through iOS 10.3 came after the discovery of an anonymous hacker who is associated with Trend Micro's Zero Day Initiative. The hacker disclosed that the bugs can affect iPhones along with Apple TV and watchOS. In addition, the bugs are akin to the initiative of Google's Android operating system two years ago in which researchers found out that they could hide exploit code in MP3s and MP4s. As such, the issues were derived from the way Android was being processed metadata within music files.
In related news, Apple has also released alongside iOS 10.3.1 the macOS Sierra 10.12.4 just last week in order to address similar vulnerabilities. These include a bug that could allow a hacker to retrieve passwords for FileVault encrypted storage on a Mac that was discovered by Ulf Frisk, a Swedish Security professional.
